Twin Cities Software Symposium: Spring

March 12 - 14, 2010 - Minneapolis, MN


Hilton Minneapolis/Bloomington Hotel
3900 American Boulevard West
Bloomington, MN   55437

Ken Sipe

Architect, Web Security Expert

Ken has been a practitioner and instructor of RUP since the late 1990s, and an extreme programmer and coach since the middle 2000s. Ken has worked with Fortune 500 companies to small startups in the roles of developer, designer, application architect and enterprise architect. Ken's current focus is on enterprise system automation and continuous delivery systems.

Ken is an international speaker on the subject of software engineering, speaking at conferences such as JavaOne, JavaZone, Jax-India, and The Strange Loop. He is a regular speaker with NFJS, where he is best known for his architecture and security hacking talks. In 2009, Ken was honored by being awarded the JavaOne Rockstar Award at JavaOne in SF, California and the JavaZone Rockstar Award at JavaZone in Oslo, Norway as the top-ranked speaker.



Presentations

XSS-Proof

Companies have focused for years on solidifying their back-end infrastructure in defense against hacking attempts. Most companies, however, are forced to open up many ports, including port 80 (HTTP), for users to access web applications among other resources. This has led to web attacks growing to be the #1 classification of hacker attacks today. In this space, Cross-Site Scripting (XSS) is the #1 ranked vulnerability, affecting a large number of sites. This evolution requires that the understanding of securing an application move beyond sys admins and incorporate all aspects of system delivery for the protection of a system and system resources.

This session will detail what XSS is, including a large number of vectors of attack. We will review information from several OWASP development guides, along with code review tips when focused on XSS. An enabling aspect of XSS is AJAX and in particular JavaScript, for which we will focus on techniques and frameworks to help secure the DOM. Attendees will learn the techniques necessary to help XSS-Proof their web applications.

Enter The Gradle

This presentation introduces the audience to the power of Gradle through many real-world examples that are demonstrated live. By the end of the presentation, you'll understand how Gradle helps to elegantly solve the challenges that we face in our daily enterprise builds.

We'll go through such powerful concepts as: advantages of declarative over imperative build systems, convention over configuration without rigidity, task definitions and dependencies, the benefits of plugins, deep multi-project support, runtime optimizations through partial builds and harvesting existing functionality through Ant and Maven integration as well as strategies for migrating from these build tools. We will demonstrate some of the innovative goodies that come with Gradle out-of-the-box, like smart incremental builds, the Gradle Daemon and the Gradle Wrapper. We show also many of the new features like Eclipse integration, Sonar integration, Heroku integration, C/C++ support and other new plugins.

Agile Velocity

The agile development process is all about early and often feedback. One aspect of feedback is how is the team doing... Are we accurate in our estimates? Are we consistent in our velocity? As velocity varies, what is it telling me?

This session will focus on the art of estimating project stories and look at several techniques of assigning "points" to stories. We will discuss the advantages and disadvantages of the various approaches of point assignment. Regardless of the point system, the end result at the end of the iteration is a number... velocity. We will look at the value of velocity and contrast that with other feedback loops with the agile process.

So you want to be an Architect

This session is a quick look at all aspects of being a corporate software architect. Whether you are a developer looking to move into the role of architect, needing to have an understanding of what is expected, or already in the role of software architect looking for new and interesting ideas, this session is for you.

This session is designed to be a jam session on all aspects of software architecture and many of the roles of software architect. The following subject areas will be covered:

  • Software Development Process
  • Project Key Mechanisms: Languages and Frameworks
  • Security: Threats, Securing Code Review, Adding Security to your process
  • Layers, Partitions and Topologies
  • VM Optimizations
  • Usability and User Experience
  • Optimizing the Web
  • Ready for Production: Monitoring
  • Integration
  • Data Modeling

Books

by Gary Mak, Daniel Rubio, and Josh Long

Spring Recipes: A Problem-Solution Approach
  • With over 3 million users/developers, Spring Framework is the leading “out of the box” Java framework. Spring addresses and offers simple solutions for most aspects of your Java/Java EE application development, and guides you to use industry best practices to design and implement your applications.

    The release of Spring Framework 3 has ushered in many improvements and new features. Spring Recipes: A Problem-Solution Approach, Second Edition continues upon the bestselling success of the previous edition but focuses on the latest Spring 3 features for building enterprise Java applications. This book provides elementary to advanced code recipes to account for the following, found in the new Spring 3:

    • Spring fundamentals: Spring IoC container, Spring AOP/ AspectJ, and more
    • Spring enterprise: Spring Java EE integration, Spring Integration, Spring Batch, jBPM with Spring, Spring Remoting, messaging, transactions, scaling using Terracotta and GridGrain, and more.
    • Spring web: Spring MVC, Spring Web Flow 2, Spring Roo, other dynamic scripting, integration with popular Grails Framework (and Groovy), REST/web services, and more.

    This book guides you step by step through topics using complete and real-world code examples. Instead of abstract descriptions on complex concepts, you will find live examples in this book. When you start a new project, you can consider copying the code and configuration files from this book, and then modifying them for your needs. This can save you a great deal of work over creating a project from scratch!

    What you’ll learn

    • How to use the IoC container and the Spring application context to best effect.
    • Spring’s AOP support, both classic and new Spring AOP, integrating Spring with AspectJ, and load-time weaving.
    • Simplifying data access with Spring (JDBC, Hibernate, and JPA) and managing transactions both programmatically and declaratively.
    • Spring’s support for remoting technologies (RMI, Hessian, Burlap, and HTTP Invoker), EJB, JMS, JMX, email, batch, scheduling, and scripting languages.
    • Integrating legacy systems with Spring, building highly concurrent, grid-ready applications using Gridgain and Terracotta Web Apps, and even creating cloud systems.
    • Building modular services using OSGi with Spring DM and Spring Dynamic Modules and SpringSource dm Server.
    • Delivering web applications with Spring Web Flow, Spring MVC, Spring Portals, Struts, JSF, DWR, the Grails framework, and more.
    • Developing web services using Spring WS and REST; contract-last with XFire, and contract-first through Spring Web Services.
    • Spring’s unit and integration testing support (on JUnit 3.8, JUnit 4, and TestNG).
    • How to secure applications using Spring Security.

    Who this book is for

    This book is for Java developers who would like to rapidly gain hands-on experience with Java/Java EE development using the Spring framework. If you are already a developer using Spring in your projects, you can also use this book as a reference—you’ll find the code examples very useful.

    Table of Contents

    1. Introduction to Spring
    2. Advanced Spring IoC Container
    3. Spring AOP and AspectJ Support
    4. Scripting in Spring
    5. Spring Security
    6. Integrating Spring with Other Web Frameworks
    7. Spring Web Flow
    8. Spring @MVC
    9. Spring REST
    10. Spring and Flex
    11. Grails
    12. Spring Roo
    13. Spring Testing
    14. Spring Portlet MVC Framework
    15. Data Access
    16. Transaction Management in Spring
    17. EJB, Spring Remoting, and Web Services
    18. Spring in the Enterprise
    19. Messaging
    20. Spring Integration
    21. Spring Batch
    22. Spring on the Grid
    23. jBPM and Spring
    24. OSGi and Spring